tektite-software/authoreyes

View on GitHub
lib/authoreyes/parser/priveleges_reader.rb

Summary

Maintainability
A
0 mins
Test Coverage
module Authoreyes
  module Parser
    # The PrivilegeReader handles the part of the authorization DSL in
    # a +privileges+ block.  Here, privilege hierarchies are defined.
    class PrivilegesReader
      # TODO: handle privileges with separated context
      attr_reader :privileges, :privilege_hierarchy # :nodoc:

      def initialize # :nodoc:
        @current_privelege = nil
        @current_context = nil
        @privileges = []
        # {priv => [[priv,ctx], ...]}
        @privilege_hierarchy = {}
      end

      def initialize_copy(from) # :nodoc:
        @privileges = from.privileges.clone
        @privilege_hierarchy = from.privilege_hierarchy.clone
      end

      def append_privilege(priv) # :nodoc:
        @privileges << priv unless @privileges.include?(priv)
      end

      # Defines part of a privilege hierarchy.  For the given +privilege+,
      # included privileges may be defined in the block (through includes)
      # or as option :+includes+.  If the optional context is given,
      # the privilege hierarchy is limited to that context.
      #
      def privilege(privilege, context = nil, options = {}, &block)
        if context.is_a?(Hash)
          options = context
          context = nil
        end
        @current_privelege = privilege
        @current_context = context
        append_privilege privilege
        instance_eval(&block) if block
        includes(*options[:includes]) if options[:includes]
      ensure
        @current_privelege = nil
        @current_context = nil
      end

      # Specifies +privileges+ that are to be assigned as lower ones.  Only to
      # be used inside a privilege block.
      def includes(*privileges)
        raise DSLError,
              'includes only in privilege block' if @current_privelege.nil?
        privileges.each do |priv|
          append_privilege priv
          @privilege_hierarchy[@current_privelege] ||= []
          @privilege_hierarchy[@current_privelege] << [priv, @current_context]
        end
      end
    end
  end
end